pyr0ball
321abe0646
app/config.py: centralized Settings (DEMO_MODE, CLOUD_MODE, ports, etc.) app/middleware/demo.py: DemoModeMiddleware — caps sessions (429), blocks export (403), adds X-Linnet-Mode header app/middleware/cloud.py: CloudAuthMiddleware — requires X-CF-Session on /session/* routes, 401 without it app/services/session_store.py: active_session_count() for demo cap app/main.py: wires middleware conditionally, extends CORS for cloud origins compose.test.yml: hermetic pytest runner in Docker (CF_VOICE_MOCK=1) compose.demo.yml: DEMO_MODE=true, ports 8523/8524, demo.circuitforge.tech/linnet compose.cloud.yml: CLOUD_MODE=true, ports 8522/8527, menagerie.circuitforge.tech/linnet docker/web/Dockerfile: two-stage build (node:20 → nginx:alpine), VITE_BASE_URL/VITE_API_BASE ARGs docker/web/nginx.conf: SSE + WS proxy, SPA routing (dev/demo) docker/web/nginx.cloud.conf: adds X-CF-Session forwarding, /linnet/ alias for path-strip Caddy routing manage.sh: profile arg (dev|demo|cloud|test), start/stop/restart/status/test/logs/build/open per profile tests/test_profiles.py: 8 tests — demo export block, session cap, cloud auth gate, mode headers
45 lines
1.7 KiB
Python
45 lines
1.7 KiB
Python
# app/middleware/demo.py — DEMO_MODE restrictions
|
|
#
|
|
# When DEMO_MODE=true:
|
|
# - Session creation is capped at DEMO_MAX_SESSIONS concurrent sessions
|
|
# - Export endpoint returns 403 (no personal data leaves the demo server)
|
|
# - Response header X-Linnet-Mode: demo on all responses
|
|
# - CF_VOICE_MOCK is forced on (see compose.demo.yml)
|
|
from __future__ import annotations
|
|
|
|
from fastapi import Request, Response
|
|
from starlette.middleware.base import BaseHTTPMiddleware
|
|
from starlette.responses import JSONResponse
|
|
|
|
from app.config import settings
|
|
from app.services import session_store
|
|
|
|
|
|
class DemoModeMiddleware(BaseHTTPMiddleware):
|
|
async def dispatch(self, request: Request, call_next) -> Response:
|
|
path = request.url.path
|
|
|
|
# Block export in demo mode — no data leaves the demo server
|
|
if path.endswith("/export"):
|
|
return JSONResponse(
|
|
status_code=403,
|
|
content={"detail": "Export is disabled in demo mode."},
|
|
)
|
|
|
|
# Cap concurrent session creation
|
|
if path == "/session/start" and request.method == "POST":
|
|
active = session_store.active_session_count()
|
|
if active >= settings.demo_max_sessions:
|
|
return JSONResponse(
|
|
status_code=429,
|
|
content={
|
|
"detail": (
|
|
f"Demo server is at capacity ({settings.demo_max_sessions} "
|
|
"active sessions). Please try again in a moment."
|
|
)
|
|
},
|
|
)
|
|
|
|
response = await call_next(request)
|
|
response.headers["X-Linnet-Mode"] = "demo"
|
|
return response
|